SSL Certificate: Difference between revisions
(7 intermediate revisions by 3 users not shown) | |||
Line 1: | Line 1: | ||
[[ | {{Glossary| | ||
|note = This article is neutral, but is [[Sponsorship|sponsored]] by [[Registry.Africa]] (ZACR),<br/> an ICANN supporter and applicant for a new [[.africa]] gTLD.<br/>Read more about their plans [http://africainonespace.org/ here]. | |||
'''SSL''' is the acronym for '''Secure Sockets Layer.''' It was designed to | |logo = RegistrydotAfricaLogo.png | ||
|link = http://icannwiki.com/index.php/Registry.Africa | |||
|silversponsor = ICANNWiki [[Sponsorship|Silver Sponsor]] | |||
}} | |||
'''SSL''' is the acronym for '''Secure Sockets Layer.''' It was designed to allow users to securely send and receive data over the internet. SSL was developed by [[Netscape]] in 1994 to provide security between communicating applications (client and server). The technology uses two protocols, the '''record protocol,''' which provides basic security to higher level protocols and '''handshake protocol''', which allows client-server authentication.<ref>[http://publib.boulder.ibm.com/infocenter/iseries/v5r3/index.jsp?topic=/rzain/rzainhistory.htm IBM HIstory of SSL]</ref> SSL is integrated in web browsers, e-mail, and instant messaging applications and other programs with encryption key given by a [[Certification Authority]] (CA) in the form of a '''digital certificate''', also known as a '''SSL Certificate'''. The digital key is authenticated by the handshake protocol in one or both end points during the SSL session. The handshake protocol will then set-up a unique symmetric key to generate keys that will encrypt and decrypt data to maintain a secure communications and data transfers between computers during SSL connection.<ref>[http://publib.boulder.ibm.com/infocenter/iseries/v5r3/index.jsp?topic=/rzain/rzainhistory.htm How SSL Works]</ref> During the SSL connection the record protocol maintains confidentiality and message integrity by encrypting applications data using the Message Authentication Code (MAC).<ref>[http://www.cisco.com/web/about/ac123/ac147/archived_issues/ipj_1-1/ssl.html SSl: Foundation for Web Security]</ref> | |||
==Basic Properties of SSL Protocol Channel Security== | ==Basic Properties of SSL Protocol Channel Security== | ||
Based on the Internet Draft submitted by Kipp E.B. Hickman of Netscape to the [[Internet Engineering Task Force | Based on the Internet Draft submitted by Kipp E.B. Hickman of Netscape to the [[Internet Engineering Task Force]] (IETF), the SSL protocol channel security is:<ref>[http://tools.ietf.org/html/draft-hickman-netscape-ssl-00 Internet Draft-SSL Protocol]</ref> | ||
* Private- It uses | * Private- It uses symmetric cryptography to encrypt data and define a secret key through a simple handshake. | ||
* Authenticated- Asymmetric cryptography always | * Authenticated- Asymmetric cryptography always authenticates the server endpoint of conversation while the client endpoint is optionally authenticated. | ||
* Reliable- It uses Message Authentication Code (MAC) to check the message integrity and secure hash functions. | * Reliable- It uses a Message Authentication Code (MAC) to check the message integrity and secure hash functions. | ||
==Versions== | ==Versions== | ||
The SSL Protocol has the following | The SSL Protocol has the following versions:<ref>[http://httpd.apache.org/docs/2.0/ssl/ssl_intro.html SSL/TLS Strong Encryption: An Introduction]</ref> | ||
* SSL Protocol v2.0- The first protocol implemented by Netscape | * SSL Protocol v2.0- The first protocol implemented by Netscape | ||
* SSL Protocol v3.0- An improvement to SSL Protocol v2.0 to protect data transfer from specific security threats and to provide support to certificate chains and add non-RSA ciphers. | * SSL Protocol v3.0- An improvement to SSL Protocol v2.0 to protect data transfer from specific security threats and to provide support to certificate chains and add non-RSA ciphers. | ||
* TLS v1.0- The current standard proposed by IETF. An improvement to the SSL Protocol v3.0. This version is an enhancement from MAC layer to HMAC, block padding for block ciphers, message order standardization and more alert messages | * [[TLS]] v1.0- The current standard proposed by the [[IETF]]. An improvement to the SSL Protocol v3.0. This version is an enhancement from MAC layer to HMAC, it features block padding for block ciphers, message order standardization and more alert messages. | ||
==References== | ==References== |
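Review bot: The last sentence of the introduction on the new side still says the record protocol maintains confidentiality and integrity "by encrypting applications data using the Message Authentication Code (MAC)", which runs encryption and integrity checking together. The "Reliable" bullet in the same revision describes the MAC as the message integrity check, so the introduction could say the data is encrypted and the MAC checks its integrity. In the TLS v1.0 bullet, "to HMAC, it features" is a comma splice and reads better as two sentences.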
Latest revision as of 17:42, 4 March 2021
SSL is the acronym for Secure Sockets Layer. It was designed to allow users to securely send and receive data over the internet. SSL was developed by Netscape in 1994 to provide security between communicating applications (client and server). The technology uses two protocols: the record protocol, which provides basic security to higher-level protocols, and the handshake protocol, which allows client-server authentication.[1] SSL is integrated in web browsers, e-mail, instant messaging applications and other programs, with an encryption key given by a Certification Authority (CA) in the form of a digital certificate, also known as an SSL Certificate. The digital key is authenticated by the handshake protocol at one or both endpoints during the SSL session. The handshake protocol will then set up a unique symmetric key to generate keys that will encrypt and decrypt data to maintain secure communications and data transfers between computers during the SSL connection.[2] During the SSL connection the record protocol maintains confidentiality and message integrity by encrypting application data using the Message Authentication Code (MAC).[3]
Basic Properties of SSL Protocol Channel Security
Based on the Internet Draft submitted by Kipp E.B. Hickman of Netscape to the Internet Engineering Task Force (IETF), the SSL protocol channel security is:[4]
- Private: It uses symmetric cryptography to encrypt data and defines a secret key through a simple handshake.
- Authenticated: Asymmetric cryptography always authenticates the server endpoint of the conversation, while the client endpoint is optionally authenticated.
- Reliable: It uses a Message Authentication Code (MAC) to check the message integrity and secure hash functions.
Versions
The SSL Protocol has the following versions:[5]
- SSL Protocol v2.0: The first protocol implemented by Netscape.
- SSL Protocol v3.0: An improvement to SSL Protocol v2.0 to protect data transfer from specific security threats, to provide support for certificate chains and to add non-RSA ciphers.
- TLS v1.0: The current standard proposed by the IETF. An improvement to the SSL Protocol v3.0. This version is an enhancement from the MAC layer to HMAC; it features block padding for block ciphers, message order standardization and more alert messages.
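
The "Reliable" property and the move to HMAC in TLS v1.0 can be seen in a short sketch of the record-layer integrity check. This is an added example, not code from the article or from any SSL library. It follows the TLS 1.0 record MAC layout in RFC 2246 (HMAC over sequence number, type, version, length and fragment); the key and record contents are constructed sample values, and encryption of the record is left out.

```python
import hashlib
import hmac
import struct

TLS_1_0 = (3, 1)        # version bytes carried in every TLS 1.0 record
APPLICATION_DATA = 23   # record content type for application data


def record_mac(mac_secret, seq_num, content_type, fragment, version=TLS_1_0):
    """HMAC-SHA1 over seq_num || type || version || length || fragment."""
    header = struct.pack("!QBBBH", seq_num, content_type,
                         version[0], version[1], len(fragment))
    return hmac.new(mac_secret, header + fragment, hashlib.sha1).digest()


def verify_record(mac_secret, seq_num, content_type, fragment, received_mac):
    """Receiver side: recompute the MAC with the sequence number it expects."""
    expected = record_mac(mac_secret, seq_num, content_type, fragment)
    return hmac.compare_digest(expected, received_mac)


def demo():
    mac_secret = bytes(range(20))  # constructed key; real ones come from the handshake
    first, second = b"GET /account HTTP/1.0", b"amount=10"  # constructed fragments
    mac0 = record_mac(mac_secret, 0, APPLICATION_DATA, first)
    mac1 = record_mac(mac_secret, 1, APPLICATION_DATA, second)
    return {
        # Record 0 arrives unchanged and in order.
        "intact": verify_record(mac_secret, 0, APPLICATION_DATA, first, mac0),
        # One byte of the fragment was altered in transit.
        "tampered": verify_record(mac_secret, 0, APPLICATION_DATA,
                                  b"GET /Account HTTP/1.0", mac0),
        # Record 1 is delivered where record 0 was expected.
        "reordered": verify_record(mac_secret, 0, APPLICATION_DATA, second, mac1),
    }


if __name__ == "__main__":
    for case, accepted in demo().items():
        print(f"{case}: {'accepted' if accepted else 'rejected'}")
```

Because the sequence number is part of the MAC input but is never sent on the wire, a record that is dropped, replayed or reordered fails verification just as an altered one does.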